CVE-2020-3948

Summary

Linux Guest VMs running on VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. Local attackers with non-administrative access to a Linux guest VM with virtual printing enabled may exploit this issue to elevate their privileges to root on the same guest VM.

Affected Software

VendorProductVersion RangeStatus
VMwareWorkstation15.x before 15.5.2affected
VMwareFusion11.x before 11.5.2affected

Weaknesses

  • Local privilege escalation vulnerability

ADP Enrichment

CVE Program Container

Additional References

References